Bug#669349: marked as done (rsyslog: Denial of service vulnerabilities)

Debian Bug Tracking System Fri, 06 Sep 2013 11:46:27 -0700

Your message dated Fri, 6 Sep 2013 20:41:22 +0200
with message-id <[email protected]>
and subject line Re: Bug#669349: rsyslog: Denial of service vulnerabilities
has caused the Debian Bug report #669349,
regarding rsyslog: Denial of service vulnerabilities
to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
669349: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=669349
Debian Bug Tracking System
Contact [email protected] with problems

--- Begin Message ---

Package: rsyslog
Version: 4.6.4-2
Severity: important, security

Please fix three security vulnerabilities: 
http://www.rsyslog.com/changelog-for-5-6-4-v5-stable/

"RepeatedMsgReduction Function Memory Exhaustion Local DoS"
http://security-tracker.debian.org/tracker/CVE-2011-1488
http://osvdb.org/show/osvdb/75190

"Multiple Ruleset Message Handling Memory Exhaustion Local DoS"
http://security-tracker.debian.org/tracker/CVE-2011-1489
http://osvdb.org/show/osvdb/75191

"Multiple Ruleset Message Handling Memory Exhaustion Local DoS"
http://security-tracker.debian.org/tracker/CVE-2011-1490
http://osvdb.org/show/osvdb/75192

-- System Information:
Debian Release: 6.0.4
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL 
set to en_US.UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages rsyslog depends on:
ii  libc6                   2.11.3-3         Embedded GNU C Library: Shared lib
ii  lsb-base                3.2-23.2squeeze1 Linux Standard Base 3.2 init scrip
ii  zlib1g                  1:1.2.3.4.dfsg-3 compression library - runtime

Versions of packages rsyslog recommends:
ii  logrotate                     3.7.8-6    Log rotation utility

Versions of packages rsyslog suggests:
pn  rsyslog-doc                   <none>     (no description available)
pn  rsyslog-gnutls                <none>     (no description available)
pn  rsyslog-gssapi                <none>     (no description available)
pn  rsyslog-mysql | rsyslog-pgsql <none>     (no description available)
pn  rsyslog-relp                  <none>     (no description available)

-- no debconf information

--- End Message ---

--- Begin Message ---

Source: rsyslog
Source-Version: 5.7.6-1

This was fixed in 5.7.6 upstream, so marking the bugreport
accordingly for this version.

Regards,
Salvatore

--- End Message ---

Bug#669349: marked as done (rsyslog: Denial of service vulnerabilities)

Reply via email to